In-depth security news and investigation

Posts Tagged: Jonanthan Zdziarksi

Russian President Vladimir Putin directed a massive propaganda and cyber operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday.

Russian President Vladimir Putin tours RT facilities. Image: DNI

The 25-page dossier from the Office of the Director of National Intelligence stopped short of saying the Russians succeeded at influencing the outcome of the election, noting that the report did not attempt to make an assessment on that front. But it makes the case that “Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.”

“We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks,” the DNI report reads.

The report is a quick and fascinating read. One example: It includes a fairly detailed appendix which concludes that the U.S.-based but Kremlin-financed media outlet RT (formerly Russia Today) is little more than a propaganda machine controlled by Russian intelligence agencies.

The DNI report is remarkable for several reasons. First, it publicly accuses Russia’s President of trying to meddle with the U.S. election and to hack both political parties. Also, as The New York Times observed, it offers “a virtually unheard-of, real-time revelation by the American intelligence agencies that undermined the legitimacy of the president who is about to direct them.”

However, those who’ve been clamoring for more technical evidence to support a conclusion that Russian intelligence agencies were behind the phishing, malware attacks and email leaks at The Democratic National Committee (DNC) and Clinton campaign likely will be unmoved by this report. Those details will remain safely hidden from public view in the classified version of the report.

Last week, the FBI and Department of Homeland Security issued a joint report (PDF) on some of the malware and Internet resources used in the DNC intrusion. But many experts criticized it as a poorly-written, jumbled collection of threat indicators and digital clues that didn’t all quite lead where they should.

Others were perplexed by the high confidence level the agencies assigned to the findings in their unclassified report, noting that neither the FBI nor DHS examined the DNC hard drives that were compromised in the break-in (that work was done by private security firm Crowdstrike).

Former black-hat hacker turned Wired and Daily Beast contributing editor Kevin Poulsenslammed the FBI/DHS report as “so aimless that it muddies the clear public evidence that Russia hacked the Democratic Party to affect the election, and so wrong it enables the Trump-friendly conspiracy theorists trying to explain away that evidence.”

Granted, trying to reconstruct a digital crime scene absent some of the most important pieces of evidence is a bit like attempting to assemble a jigsaw puzzle with only half of the pieces. But as digital forensics and security expert Jonanthan Zdziarksi noted via Twitter last night, good old fashioned spying and human intelligence seems to have played a bigger role in pinning the DNC hack on the Russians.

“The DNI report subtly implied that more weight was put on our intelligence coming from espionage operations than on cyber warfare,” Zdziarski wrote. “As someone who’s publicly called out the FBI over misleading the public and the court system, I believe the DNI report to be reliable. I also believe @CrowdStrike’s findings to be reliable based on the people there and their experience with threat intelligence.”